dependabot-python 0.113.19 → 0.113.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/requirements.txt +1 -1
- metadata +4 -9
- data/helpers/install-dir/python/lib/__init__.py +0 -0
- data/helpers/install-dir/python/lib/hasher.py +0 -23
- data/helpers/install-dir/python/lib/parser.py +0 -131
- data/helpers/install-dir/python/requirements.txt +0 -9
- data/helpers/install-dir/python/run.py +0 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '096c88109b30bfbe6091df9e86cff4f74fce3e70f38e843f2a9a5e732e055e8c'
|
|
4
|
+
data.tar.gz: 255a7dcc8906f09931fda6c6e7821a40ea7c18c55dd50442c07e228d0829de40
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2b75f1763215c78bb7a22faa6223b864ae59d980f0ab614a7a2d57ee9b0e0178243e2b979433d8daeabf63f2a8e56a38f0f38a1f1ab7d2cb62124f3ac91059ec
|
|
7
|
+
data.tar.gz: 4b9f416dd1ecfcd7e4c19c766691db850d6da781814315a60ebfbc8a4d379c6c8df10cb95b68e07d4ad5c28dc56e60437643cc55d092481e66b8e2c975519bda
|
data/helpers/requirements.txt
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.113.
|
|
4
|
+
version: 0.113.20
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-11-
|
|
11
|
+
date: 2019-11-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.113.
|
|
19
|
+
version: 0.113.20
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.113.
|
|
26
|
+
version: 0.113.20
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -158,11 +158,6 @@ extensions: []
|
|
|
158
158
|
extra_rdoc_files: []
|
|
159
159
|
files:
|
|
160
160
|
- helpers/build
|
|
161
|
-
- helpers/install-dir/python/lib/__init__.py
|
|
162
|
-
- helpers/install-dir/python/lib/hasher.py
|
|
163
|
-
- helpers/install-dir/python/lib/parser.py
|
|
164
|
-
- helpers/install-dir/python/requirements.txt
|
|
165
|
-
- helpers/install-dir/python/run.py
|
|
166
161
|
- helpers/lib/__init__.py
|
|
167
162
|
- helpers/lib/hasher.py
|
|
168
163
|
- helpers/lib/parser.py
|
|
File without changes
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
import hashin
|
|
2
|
-
import json
|
|
3
|
-
import pipfile
|
|
4
|
-
from poetry.poetry import Poetry
|
|
5
|
-
|
|
6
|
-
def get_dependency_hash(dependency_name, dependency_version, algorithm):
|
|
7
|
-
hashes = hashin.get_package_hashes(
|
|
8
|
-
dependency_name,
|
|
9
|
-
version=dependency_version,
|
|
10
|
-
algorithm=algorithm
|
|
11
|
-
)
|
|
12
|
-
|
|
13
|
-
return json.dumps({ "result": hashes["hashes"] })
|
|
14
|
-
|
|
15
|
-
def get_pipfile_hash(directory):
|
|
16
|
-
p = pipfile.load(directory + '/Pipfile')
|
|
17
|
-
|
|
18
|
-
return json.dumps({ "result": p.hash })
|
|
19
|
-
|
|
20
|
-
def get_pyproject_hash(directory):
|
|
21
|
-
p = Poetry.create(directory)
|
|
22
|
-
|
|
23
|
-
return json.dumps({ "result": p.locker._get_content_hash() })
|
|
@@ -1,131 +0,0 @@
|
|
|
1
|
-
from itertools import chain
|
|
2
|
-
import glob
|
|
3
|
-
import io
|
|
4
|
-
import json
|
|
5
|
-
import os.path
|
|
6
|
-
import re
|
|
7
|
-
|
|
8
|
-
import setuptools
|
|
9
|
-
import pip._internal.req.req_file
|
|
10
|
-
from pip._internal.download import PipSession
|
|
11
|
-
from pip._internal.req.constructors import install_req_from_line
|
|
12
|
-
|
|
13
|
-
def parse_requirements(directory):
|
|
14
|
-
# Parse the requirements.txt
|
|
15
|
-
requirement_packages = []
|
|
16
|
-
|
|
17
|
-
requirement_files = glob.glob(os.path.join(directory, '*.txt')) \
|
|
18
|
-
+ glob.glob(os.path.join(directory, '**', '*.txt'))
|
|
19
|
-
|
|
20
|
-
pip_compile_files = glob.glob(os.path.join(directory, '*.in')) \
|
|
21
|
-
+ glob.glob(os.path.join(directory, '**', '*.in'))
|
|
22
|
-
|
|
23
|
-
def version_from_install_req(install_req):
|
|
24
|
-
if install_req.is_pinned:
|
|
25
|
-
return next(iter(install_req.specifier)).version
|
|
26
|
-
|
|
27
|
-
for reqs_file in requirement_files + pip_compile_files:
|
|
28
|
-
try:
|
|
29
|
-
requirements = pip._internal.req.req_file.parse_requirements(
|
|
30
|
-
reqs_file,
|
|
31
|
-
session=PipSession()
|
|
32
|
-
)
|
|
33
|
-
for install_req in requirements:
|
|
34
|
-
if install_req.original_link:
|
|
35
|
-
continue
|
|
36
|
-
|
|
37
|
-
pattern = r"-[cr] (.*) \(line \d+\)"
|
|
38
|
-
abs_path = re.search(pattern, install_req.comes_from).group(1)
|
|
39
|
-
rel_path = os.path.relpath(abs_path, directory)
|
|
40
|
-
|
|
41
|
-
requirement_packages.append({
|
|
42
|
-
"name": install_req.req.name,
|
|
43
|
-
"version": version_from_install_req(install_req),
|
|
44
|
-
"markers": str(install_req.markers) or None,
|
|
45
|
-
"file": rel_path,
|
|
46
|
-
"requirement": str(install_req.specifier) or None
|
|
47
|
-
})
|
|
48
|
-
except Exception as e:
|
|
49
|
-
print(json.dumps({ "error": repr(e) }))
|
|
50
|
-
exit(1)
|
|
51
|
-
|
|
52
|
-
return json.dumps({ "result": requirement_packages })
|
|
53
|
-
|
|
54
|
-
def parse_setup(directory):
|
|
55
|
-
# Parse the setup.py
|
|
56
|
-
setup_packages = []
|
|
57
|
-
if os.path.isfile(directory + '/setup.py'):
|
|
58
|
-
def version_from_install_req(install_req):
|
|
59
|
-
if install_req.is_pinned:
|
|
60
|
-
return next(iter(install_req.specifier)).version
|
|
61
|
-
|
|
62
|
-
def parse_requirement(req, req_type):
|
|
63
|
-
install_req = install_req_from_line(req)
|
|
64
|
-
if install_req.original_link:
|
|
65
|
-
return
|
|
66
|
-
|
|
67
|
-
setup_packages.append({
|
|
68
|
-
"name": install_req.req.name,
|
|
69
|
-
"version": version_from_install_req(install_req),
|
|
70
|
-
"markers": str(install_req.markers) or None,
|
|
71
|
-
"file": "setup.py",
|
|
72
|
-
"requirement": str(install_req.specifier) or None,
|
|
73
|
-
"requirement_type": req_type
|
|
74
|
-
})
|
|
75
|
-
|
|
76
|
-
def setup(*args, **kwargs):
|
|
77
|
-
for arg in ['setup_requires', 'install_requires', 'tests_require']:
|
|
78
|
-
if not kwargs.get(arg):
|
|
79
|
-
continue
|
|
80
|
-
for req in kwargs.get(arg):
|
|
81
|
-
parse_requirement(req, arg)
|
|
82
|
-
extras_require_dict = kwargs.get('extras_require', {})
|
|
83
|
-
for key in extras_require_dict:
|
|
84
|
-
for req in extras_require_dict[key]:
|
|
85
|
-
parse_requirement(req, 'extras_require:{}'.format(key))
|
|
86
|
-
setuptools.setup = setup
|
|
87
|
-
|
|
88
|
-
def noop(*args, **kwargs):
|
|
89
|
-
pass
|
|
90
|
-
|
|
91
|
-
def fake_parse(*args, **kwargs):
|
|
92
|
-
return []
|
|
93
|
-
|
|
94
|
-
global fake_open
|
|
95
|
-
def fake_open(*args, **kwargs):
|
|
96
|
-
content = ("VERSION = ('0', '0', '1+dependabot')\n"
|
|
97
|
-
"__version__ = '0.0.1+dependabot'\n"
|
|
98
|
-
"__author__ = 'someone'\n"
|
|
99
|
-
"__title__ = 'something'\n"
|
|
100
|
-
"__description__ = 'something'\n"
|
|
101
|
-
"__author_email__ = 'something'\n"
|
|
102
|
-
"__license__ = 'something'\n"
|
|
103
|
-
"__url__ = 'something'\n")
|
|
104
|
-
return io.StringIO(content)
|
|
105
|
-
|
|
106
|
-
content = open(directory + '/setup.py', 'r').read()
|
|
107
|
-
|
|
108
|
-
# Remove `print`, `open`, `log` and import statements
|
|
109
|
-
content = re.sub(r"print\s*\(", "noop(", content)
|
|
110
|
-
content = re.sub(r"log\s*(\.\w+)*\(", "noop(", content)
|
|
111
|
-
content = re.sub(r"\b(\w+\.)*(open|file)\s*\(", "fake_open(", content)
|
|
112
|
-
content = content.replace("parse_requirements(", "fake_parse(")
|
|
113
|
-
version_re = re.compile(r"^.*import.*__version__.*$", re.MULTILINE)
|
|
114
|
-
content = re.sub(version_re, "", content)
|
|
115
|
-
|
|
116
|
-
# Set variables likely to be imported
|
|
117
|
-
__version__ = '0.0.1+dependabot'
|
|
118
|
-
__author__ = 'someone'
|
|
119
|
-
__title__ = 'something'
|
|
120
|
-
__description__ = 'something'
|
|
121
|
-
__author_email__ = 'something'
|
|
122
|
-
__license__ = 'something'
|
|
123
|
-
__url__ = 'something'
|
|
124
|
-
|
|
125
|
-
# Run as main (since setup.py is a script)
|
|
126
|
-
__name__ = '__main__'
|
|
127
|
-
|
|
128
|
-
# Exec the setup.py
|
|
129
|
-
exec(content) in globals(), locals()
|
|
130
|
-
|
|
131
|
-
return json.dumps({ "result": setup_packages })
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
import sys
|
|
2
|
-
import json
|
|
3
|
-
|
|
4
|
-
from lib import parser, hasher
|
|
5
|
-
|
|
6
|
-
if __name__ == "__main__":
|
|
7
|
-
args = json.loads(sys.stdin.read())
|
|
8
|
-
|
|
9
|
-
if args["function"] == "parse_requirements":
|
|
10
|
-
print(parser.parse_requirements(args["args"][0]))
|
|
11
|
-
if args["function"] == "parse_setup":
|
|
12
|
-
print(parser.parse_setup(args["args"][0]))
|
|
13
|
-
elif args["function"] == "get_dependency_hash":
|
|
14
|
-
print(hasher.get_dependency_hash(*args["args"]))
|
|
15
|
-
elif args["function"] == "get_pipfile_hash":
|
|
16
|
-
print(hasher.get_pipfile_hash(*args["args"]))
|
|
17
|
-
elif args["function"] == "get_pyproject_hash":
|
|
18
|
-
print(hasher.get_pyproject_hash(*args["args"]))
|